Authentication

You will need to authenticate your requests to access the TripEdge API endpoints. This guide explains how authentication works and how to include your API key in requests.

API key authentication

The TripEdge API uses API key authentication. You will receive your API key when your account is provisioned. Include your API key in the Authorization header of every request using the Bearer token format.

curl https://api.tripedge.com/v1/availability \
  -H "Authorization: Bearer {your_api_key}" \
  -H "Content-Type: application/json" \
  -d '{"place_id": "ChIJOwg_06VPwokRYv534QaPC8g", "check_in": "2024-03-15", "check_out": "2024-03-18", "rooms": [{"adults": 2, "children": 0, "children_ages": []}]}'

Public endpoints

Some endpoints do not require authentication and can be called without an API key:

• GET /v1/places/search - Search for destinations
• GET /v1/places/:place_id - Get place details

curl -G https://api.tripedge.com/v1/places/search \
  -d text_query="New York"

Authentication errors

If your API key is missing, invalid, or expired, you will receive a 401 Unauthorized response:

{
  "success": false,
  "message": "Invalid or missing API key"
}

Common authentication issues:

• Missing header: Ensure you include the Authorization header
• Wrong format: Use Bearer {api_key}, not just the key alone
• Expired key: Contact support if your key has been rotated
• Wrong environment: Ensure you are using the correct key for production vs sandbox

Environment-specific keys

You may have separate API keys for different environments:

Use the appropriate API key for each environment. Sandbox bookings are marked with is_sandbox: true in the response.

Request headers

All authenticated requests should include these headers:

Authorization: Bearer {your_api_key}
Content-Type: application/json

For POST requests with a JSON body, always include the Content-Type: application/json header.